summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/util
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/util')
-rw-r--r--src/lib/libcrypto/util/arx.pl15
-rw-r--r--src/lib/libcrypto/util/fipslink.pl2
-rw-r--r--src/lib/libcrypto/util/libeay.num148
-rw-r--r--src/lib/libcrypto/util/mk1mf.pl406
-rw-r--r--src/lib/libcrypto/util/mkdef.pl25
-rw-r--r--src/lib/libcrypto/util/mkfiles.pl10
-rw-r--r--src/lib/libcrypto/util/mklink.pl12
-rw-r--r--src/lib/libcrypto/util/mksdef.pl87
-rw-r--r--src/lib/libcrypto/util/pl/VC-32.pl186
-rw-r--r--src/lib/libcrypto/util/ssleay.num1
10 files changed, 784 insertions, 108 deletions
diff --git a/src/lib/libcrypto/util/arx.pl b/src/lib/libcrypto/util/arx.pl
new file mode 100644
index 0000000000..ce62625c33
--- /dev/null
+++ b/src/lib/libcrypto/util/arx.pl
@@ -0,0 +1,15 @@
1#!/bin/perl
2
3# Simple perl script to wrap round "ar" program and exclude any
4# object files in the environment variable EXCL_OBJ
5
6map { s/^.*\/([^\/]*)$/$1/ ; $EXCL{$_} = 1} split(' ', $ENV{EXCL_OBJ});
7
8#my @ks = keys %EXCL;
9#print STDERR "Excluding: @ks \n";
10
11my @ARGS = grep { !exists $EXCL{$_} } @ARGV;
12
13system @ARGS;
14
15exit $? >> 8;
diff --git a/src/lib/libcrypto/util/fipslink.pl b/src/lib/libcrypto/util/fipslink.pl
index a893833c5c..3597bc1740 100644
--- a/src/lib/libcrypto/util/fipslink.pl
+++ b/src/lib/libcrypto/util/fipslink.pl
@@ -28,7 +28,7 @@ if (exists $ENV{"PREMAIN_DSO_EXE"})
28 } 28 }
29 29
30check_hash($sha1_exe, "fips_premain.c"); 30check_hash($sha1_exe, "fips_premain.c");
31check_hash($sha1_exe, "fipscanister.o"); 31check_hash($sha1_exe, "fipscanister.lib");
32 32
33 33
34print "Integrity check OK\n"; 34print "Integrity check OK\n";
diff --git a/src/lib/libcrypto/util/libeay.num b/src/lib/libcrypto/util/libeay.num
index 2989500c4b..0eb54ddc89 100644
--- a/src/lib/libcrypto/util/libeay.num
+++ b/src/lib/libcrypto/util/libeay.num
@@ -725,7 +725,7 @@ d2i_DSAPublicKey 731 EXIST::FUNCTION:DSA
725d2i_DSAparams 732 EXIST::FUNCTION:DSA 725d2i_DSAparams 732 EXIST::FUNCTION:DSA
726d2i_NETSCAPE_SPKAC 733 EXIST::FUNCTION: 726d2i_NETSCAPE_SPKAC 733 EXIST::FUNCTION:
727d2i_NETSCAPE_SPKI 734 EXIST::FUNCTION: 727d2i_NETSCAPE_SPKI 734 EXIST::FUNCTION:
728d2i_Netscape_RSA 735 EXIST::FUNCTION:RSA 728d2i_Netscape_RSA 735 EXIST::FUNCTION:RC4,RSA
729d2i_PKCS7 736 EXIST::FUNCTION: 729d2i_PKCS7 736 EXIST::FUNCTION:
730d2i_PKCS7_DIGEST 737 EXIST::FUNCTION: 730d2i_PKCS7_DIGEST 737 EXIST::FUNCTION:
731d2i_PKCS7_ENCRYPT 738 EXIST::FUNCTION: 731d2i_PKCS7_ENCRYPT 738 EXIST::FUNCTION:
@@ -827,7 +827,7 @@ i2d_DSAPublicKey 834 EXIST::FUNCTION:DSA
827i2d_DSAparams 835 EXIST::FUNCTION:DSA 827i2d_DSAparams 835 EXIST::FUNCTION:DSA
828i2d_NETSCAPE_SPKAC 836 EXIST::FUNCTION: 828i2d_NETSCAPE_SPKAC 836 EXIST::FUNCTION:
829i2d_NETSCAPE_SPKI 837 EXIST::FUNCTION: 829i2d_NETSCAPE_SPKI 837 EXIST::FUNCTION:
830i2d_Netscape_RSA 838 EXIST::FUNCTION:RSA 830i2d_Netscape_RSA 838 EXIST::FUNCTION:RC4,RSA
831i2d_PKCS7 839 EXIST::FUNCTION: 831i2d_PKCS7 839 EXIST::FUNCTION:
832i2d_PKCS7_DIGEST 840 EXIST::FUNCTION: 832i2d_PKCS7_DIGEST 840 EXIST::FUNCTION:
833i2d_PKCS7_ENCRYPT 841 EXIST::FUNCTION: 833i2d_PKCS7_ENCRYPT 841 EXIST::FUNCTION:
@@ -1814,9 +1814,9 @@ RAND_egd_bytes 2402 EXIST::FUNCTION:
1814X509_REQ_get1_email 2403 EXIST::FUNCTION: 1814X509_REQ_get1_email 2403 EXIST::FUNCTION:
1815X509_get1_email 2404 EXIST::FUNCTION: 1815X509_get1_email 2404 EXIST::FUNCTION:
1816X509_email_free 2405 EXIST::FUNCTION: 1816X509_email_free 2405 EXIST::FUNCTION:
1817i2d_RSA_NET 2406 EXIST::FUNCTION:RSA 1817i2d_RSA_NET 2406 EXIST::FUNCTION:RC4,RSA
1818d2i_RSA_NET_2 2407 NOEXIST::FUNCTION: 1818d2i_RSA_NET_2 2407 NOEXIST::FUNCTION:
1819d2i_RSA_NET 2408 EXIST::FUNCTION:RSA 1819d2i_RSA_NET 2408 EXIST::FUNCTION:RC4,RSA
1820DSO_bind_func 2409 EXIST::FUNCTION: 1820DSO_bind_func 2409 EXIST::FUNCTION:
1821CRYPTO_get_new_dynlockid 2410 EXIST::FUNCTION: 1821CRYPTO_get_new_dynlockid 2410 EXIST::FUNCTION:
1822sk_new_null 2411 EXIST::FUNCTION: 1822sk_new_null 2411 EXIST::FUNCTION:
@@ -2804,12 +2804,12 @@ OPENSSL_cleanse 3245 EXIST::FUNCTION:
2804ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE 2804ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE
2805ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH 2805ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH
2806EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES 2806EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES
2807FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: 2807FIPS_corrupt_rsa 3249 EXIST:OPENSSL_FIPS:FUNCTION:
2808FIPS_selftest_des 3250 NOEXIST::FUNCTION: 2808FIPS_selftest_des 3250 EXIST:OPENSSL_FIPS:FUNCTION:
2809EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES 2809EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES
2810EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES 2810EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES
2811FIPS_mode_set 3253 NOEXIST::FUNCTION: 2811FIPS_mode_set 3253 EXIST:OPENSSL_FIPS:FUNCTION:
2812FIPS_selftest_dsa 3254 NOEXIST::FUNCTION: 2812FIPS_selftest_dsa 3254 EXIST:OPENSSL_FIPS:FUNCTION:
2813EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES 2813EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES
2814FIPS_allow_md5 3256 NOEXIST::FUNCTION: 2814FIPS_allow_md5 3256 NOEXIST::FUNCTION:
2815DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES 2815DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES
@@ -2817,44 +2817,44 @@ EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES
2817FIPS_rand_seeded 3259 NOEXIST::FUNCTION: 2817FIPS_rand_seeded 3259 NOEXIST::FUNCTION:
2818AES_cfbr_encrypt_block 3260 EXIST::FUNCTION:AES 2818AES_cfbr_encrypt_block 3260 EXIST::FUNCTION:AES
2819AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES 2819AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES
2820FIPS_rand_seed 3262 NOEXIST::FUNCTION: 2820FIPS_rand_seed 3262 EXIST:OPENSSL_FIPS:FUNCTION:
2821FIPS_corrupt_des 3263 NOEXIST::FUNCTION: 2821FIPS_corrupt_des 3263 EXIST:OPENSSL_FIPS:FUNCTION:
2822EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES 2822EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES
2823FIPS_selftest_aes 3265 NOEXIST::FUNCTION: 2823FIPS_selftest_aes 3265 EXIST:OPENSSL_FIPS:FUNCTION:
2824FIPS_set_prng_key 3266 NOEXIST::FUNCTION: 2824FIPS_set_prng_key 3266 NOEXIST::FUNCTION:
2825EVP_des_cfb8 3267 EXIST::FUNCTION:DES 2825EVP_des_cfb8 3267 EXIST::FUNCTION:DES
2826FIPS_corrupt_dsa 3268 NOEXIST::FUNCTION: 2826FIPS_corrupt_dsa 3268 EXIST:OPENSSL_FIPS:FUNCTION:
2827FIPS_test_mode 3269 NOEXIST::FUNCTION: 2827FIPS_test_mode 3269 NOEXIST::FUNCTION:
2828FIPS_rand_method 3270 NOEXIST::FUNCTION: 2828FIPS_rand_method 3270 EXIST:OPENSSL_FIPS:FUNCTION:
2829EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES 2829EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES
2830ERR_load_FIPS_strings 3272 NOEXIST::FUNCTION: 2830ERR_load_FIPS_strings 3272 EXIST:OPENSSL_FIPS:FUNCTION:
2831FIPS_corrupt_aes 3273 NOEXIST::FUNCTION: 2831FIPS_corrupt_aes 3273 EXIST:OPENSSL_FIPS:FUNCTION:
2832FIPS_selftest_sha1 3274 NOEXIST::FUNCTION: 2832FIPS_selftest_sha1 3274 EXIST:OPENSSL_FIPS:FUNCTION:
2833FIPS_selftest_rsa 3275 NOEXIST::FUNCTION: 2833FIPS_selftest_rsa 3275 EXIST:OPENSSL_FIPS:FUNCTION:
2834FIPS_corrupt_sha1 3276 NOEXIST::FUNCTION: 2834FIPS_corrupt_sha1 3276 EXIST:OPENSSL_FIPS:FUNCTION:
2835EVP_des_cfb1 3277 EXIST::FUNCTION:DES 2835EVP_des_cfb1 3277 EXIST::FUNCTION:DES
2836FIPS_dsa_check 3278 NOEXIST::FUNCTION: 2836FIPS_dsa_check 3278 NOEXIST::FUNCTION:
2837AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES 2837AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES
2838EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES 2838EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES
2839FIPS_rand_check 3281 NOEXIST::FUNCTION: 2839FIPS_rand_check 3281 EXIST:OPENSSL_FIPS:FUNCTION:
2840FIPS_md5_allowed 3282 NOEXIST::FUNCTION: 2840FIPS_md5_allowed 3282 NOEXIST::FUNCTION:
2841FIPS_mode 3283 NOEXIST::FUNCTION: 2841FIPS_mode 3283 EXIST:OPENSSL_FIPS:FUNCTION:
2842FIPS_selftest_failed 3284 NOEXIST::FUNCTION: 2842FIPS_selftest_failed 3284 EXIST:OPENSSL_FIPS:FUNCTION:
2843sk_is_sorted 3285 EXIST::FUNCTION: 2843sk_is_sorted 3285 EXIST::FUNCTION:
2844X509_check_ca 3286 EXIST::FUNCTION: 2844X509_check_ca 3286 EXIST::FUNCTION:
2845private_idea_set_encrypt_key 3287 NOEXIST::FUNCTION: 2845private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA
2846HMAC_CTX_set_flags 3288 NOEXIST::FUNCTION: 2846HMAC_CTX_set_flags 3288 EXIST::FUNCTION:HMAC
2847private_SHA_Init 3289 NOEXIST::FUNCTION: 2847private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0
2848private_CAST_set_key 3290 NOEXIST::FUNCTION: 2848private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST
2849private_RIPEMD160_Init 3291 NOEXIST::FUNCTION: 2849private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD
2850private_RC5_32_set_key 3292 NOEXIST::FUNCTION: 2850private_RC5_32_set_key 3292 EXIST:OPENSSL_FIPS:FUNCTION:RC5
2851private_MD5_Init 3293 NOEXIST::FUNCTION: 2851private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5
2852private_RC4_set_key 3294 NOEXIST::FUNCTION: 2852private_RC4_set_key 3294 EXIST:OPENSSL_FIPS:FUNCTION:RC4
2853private_MDC2_Init 3295 NOEXIST::FUNCTION: 2853private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2
2854private_RC2_set_key 3296 NOEXIST::FUNCTION: 2854private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2
2855private_MD4_Init 3297 NOEXIST::FUNCTION: 2855private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4
2856private_BF_set_key 3298 NOEXIST::FUNCTION: 2856private_BF_set_key 3298 EXIST:OPENSSL_FIPS:FUNCTION:BF
2857private_MD2_Init 3299 NOEXIST::FUNCTION: 2857private_MD2_Init 3299 EXIST:OPENSSL_FIPS:FUNCTION:MD2
2858d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION: 2858d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION:
2859PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: 2859PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
2860PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: 2860PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@@ -2868,13 +2868,13 @@ PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI
2868PROXY_POLICY_free 3308 EXIST::FUNCTION: 2868PROXY_POLICY_free 3308 EXIST::FUNCTION:
2869PROXY_POLICY_new 3309 EXIST::FUNCTION: 2869PROXY_POLICY_new 3309 EXIST::FUNCTION:
2870BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION: 2870BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION:
2871FIPS_selftest_rng 3311 NOEXIST::FUNCTION: 2871FIPS_selftest_rng 3311 EXIST:OPENSSL_FIPS:FUNCTION:
2872EVP_sha384 3312 EXIST::FUNCTION:SHA,SHA512 2872EVP_sha384 3312 EXIST::FUNCTION:SHA,SHA512
2873EVP_sha512 3313 EXIST::FUNCTION:SHA,SHA512 2873EVP_sha512 3313 EXIST::FUNCTION:SHA,SHA512
2874EVP_sha224 3314 EXIST::FUNCTION:SHA,SHA256 2874EVP_sha224 3314 EXIST::FUNCTION:SHA,SHA256
2875EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256 2875EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256
2876FIPS_selftest_hmac 3316 NOEXIST::FUNCTION: 2876FIPS_selftest_hmac 3316 EXIST:OPENSSL_FIPS:FUNCTION:
2877FIPS_corrupt_rng 3317 NOEXIST::FUNCTION: 2877FIPS_corrupt_rng 3317 EXIST:OPENSSL_FIPS:FUNCTION:
2878BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION: 2878BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION:
2879RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA 2879RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA
2880RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA 2880RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA
@@ -2882,7 +2882,7 @@ RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA
2882RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA 2882RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA
2883RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA 2883RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA
2884PKCS1_MGF1 3324 EXIST::FUNCTION:RSA 2884PKCS1_MGF1 3324 EXIST::FUNCTION:RSA
2885BN_X931_generate_Xpq 3325 NOEXIST::FUNCTION: 2885BN_X931_generate_Xpq 3325 EXIST::FUNCTION:
2886RSA_X931_generate_key 3326 NOEXIST::FUNCTION: 2886RSA_X931_generate_key 3326 NOEXIST::FUNCTION:
2887BN_X931_derive_prime 3327 NOEXIST::FUNCTION: 2887BN_X931_derive_prime 3327 NOEXIST::FUNCTION:
2888BN_X931_generate_prime 3328 NOEXIST::FUNCTION: 2888BN_X931_generate_prime 3328 NOEXIST::FUNCTION:
@@ -3652,3 +3652,75 @@ CMS_set1_eContentType 4040 EXIST::FUNCTION:CMS
3652CMS_ReceiptRequest_create0 4041 EXIST::FUNCTION:CMS 3652CMS_ReceiptRequest_create0 4041 EXIST::FUNCTION:CMS
3653CMS_add1_signer 4042 EXIST::FUNCTION:CMS 3653CMS_add1_signer 4042 EXIST::FUNCTION:CMS
3654CMS_RecipientInfo_set0_pkey 4043 EXIST::FUNCTION:CMS 3654CMS_RecipientInfo_set0_pkey 4043 EXIST::FUNCTION:CMS
3655ENGINE_set_load_ssl_client_cert_function 4044 EXIST:!VMS:FUNCTION:ENGINE
3656ENGINE_set_ld_ssl_clnt_cert_fn 4044 EXIST:VMS:FUNCTION:ENGINE
3657ENGINE_get_ssl_client_cert_function 4045 EXIST:!VMS:FUNCTION:ENGINE
3658ENGINE_get_ssl_client_cert_fn 4045 EXIST:VMS:FUNCTION:ENGINE
3659ENGINE_load_ssl_client_cert 4046 EXIST::FUNCTION:ENGINE
3660ENGINE_load_capi 4047 EXIST::FUNCTION:CAPIENG,ENGINE
3661OPENSSL_isservice 4048 EXIST::FUNCTION:
3662FIPS_dsa_sig_decode 4049 EXIST:OPENSSL_FIPS:FUNCTION:DSA
3663EVP_CIPHER_CTX_clear_flags 4050 EXIST::FUNCTION:
3664FIPS_rand_status 4051 EXIST:OPENSSL_FIPS:FUNCTION:
3665FIPS_rand_set_key 4052 EXIST:OPENSSL_FIPS:FUNCTION:
3666CRYPTO_set_mem_info_functions 4053 EXIST::FUNCTION:
3667RSA_X931_generate_key_ex 4054 EXIST::FUNCTION:RSA
3668int_ERR_set_state_func 4055 EXIST:OPENSSL_FIPS:FUNCTION:
3669int_EVP_MD_set_engine_callbacks 4056 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
3670int_CRYPTO_set_do_dynlock_callback 4057 EXIST::FUNCTION:
3671FIPS_rng_stick 4058 EXIST:OPENSSL_FIPS:FUNCTION:
3672EVP_CIPHER_CTX_set_flags 4059 EXIST::FUNCTION:
3673BN_X931_generate_prime_ex 4060 EXIST::FUNCTION:
3674FIPS_selftest_check 4061 EXIST:OPENSSL_FIPS:FUNCTION:
3675FIPS_rand_set_dt 4062 EXIST:OPENSSL_FIPS:FUNCTION:
3676CRYPTO_dbg_pop_info 4063 EXIST::FUNCTION:
3677FIPS_dsa_free 4064 EXIST:OPENSSL_FIPS:FUNCTION:DSA
3678RSA_X931_derive_ex 4065 EXIST::FUNCTION:RSA
3679FIPS_rsa_new 4066 EXIST:OPENSSL_FIPS:FUNCTION:RSA
3680FIPS_rand_bytes 4067 EXIST:OPENSSL_FIPS:FUNCTION:
3681fips_cipher_test 4068 EXIST:OPENSSL_FIPS:FUNCTION:
3682EVP_CIPHER_CTX_test_flags 4069 EXIST::FUNCTION:
3683CRYPTO_malloc_debug_init 4070 EXIST::FUNCTION:
3684CRYPTO_dbg_push_info 4071 EXIST::FUNCTION:
3685FIPS_corrupt_rsa_keygen 4072 EXIST:OPENSSL_FIPS:FUNCTION:
3686FIPS_dh_new 4073 EXIST:OPENSSL_FIPS:FUNCTION:DH
3687FIPS_corrupt_dsa_keygen 4074 EXIST:OPENSSL_FIPS:FUNCTION:
3688FIPS_dh_free 4075 EXIST:OPENSSL_FIPS:FUNCTION:DH
3689fips_pkey_signature_test 4076 EXIST:OPENSSL_FIPS:FUNCTION:
3690EVP_add_alg_module 4077 EXIST::FUNCTION:
3691int_RAND_init_engine_callbacks 4078 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
3692int_EVP_CIPHER_set_engine_callbacks 4079 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
3693int_EVP_MD_init_engine_callbacks 4080 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
3694FIPS_rand_test_mode 4081 EXIST:OPENSSL_FIPS:FUNCTION:
3695FIPS_rand_reset 4082 EXIST:OPENSSL_FIPS:FUNCTION:
3696FIPS_dsa_new 4083 EXIST:OPENSSL_FIPS:FUNCTION:DSA
3697int_RAND_set_callbacks 4084 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
3698BN_X931_derive_prime_ex 4085 EXIST::FUNCTION:
3699int_ERR_lib_init 4086 EXIST:OPENSSL_FIPS:FUNCTION:
3700int_EVP_CIPHER_init_engine_callbacks 4087 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
3701FIPS_rsa_free 4088 EXIST:OPENSSL_FIPS:FUNCTION:RSA
3702FIPS_dsa_sig_encode 4089 EXIST:OPENSSL_FIPS:FUNCTION:DSA
3703CRYPTO_dbg_remove_all_info 4090 EXIST::FUNCTION:
3704OPENSSL_init 4091 EXIST::FUNCTION:
3705private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA
3706CRYPTO_strdup 4093 EXIST::FUNCTION:
3707JPAKE_STEP3A_process 4094 EXIST::FUNCTION:JPAKE
3708JPAKE_STEP1_release 4095 EXIST::FUNCTION:JPAKE
3709JPAKE_get_shared_key 4096 EXIST::FUNCTION:JPAKE
3710JPAKE_STEP3B_init 4097 EXIST::FUNCTION:JPAKE
3711JPAKE_STEP1_generate 4098 EXIST::FUNCTION:JPAKE
3712JPAKE_STEP1_init 4099 EXIST::FUNCTION:JPAKE
3713JPAKE_STEP3B_process 4100 EXIST::FUNCTION:JPAKE
3714JPAKE_STEP2_generate 4101 EXIST::FUNCTION:JPAKE
3715JPAKE_CTX_new 4102 EXIST::FUNCTION:JPAKE
3716JPAKE_CTX_free 4103 EXIST::FUNCTION:JPAKE
3717JPAKE_STEP3B_release 4104 EXIST::FUNCTION:JPAKE
3718JPAKE_STEP3A_release 4105 EXIST::FUNCTION:JPAKE
3719JPAKE_STEP2_process 4106 EXIST::FUNCTION:JPAKE
3720JPAKE_STEP3B_generate 4107 EXIST::FUNCTION:JPAKE
3721JPAKE_STEP1_process 4108 EXIST::FUNCTION:JPAKE
3722JPAKE_STEP3A_generate 4109 EXIST::FUNCTION:JPAKE
3723JPAKE_STEP2_release 4110 EXIST::FUNCTION:JPAKE
3724JPAKE_STEP3A_init 4111 EXIST::FUNCTION:JPAKE
3725ERR_load_JPAKE_strings 4112 EXIST::FUNCTION:JPAKE
3726JPAKE_STEP2_init 4113 EXIST::FUNCTION:JPAKE
diff --git a/src/lib/libcrypto/util/mk1mf.pl b/src/lib/libcrypto/util/mk1mf.pl
index 1ac5fd3a50..f2b92b2b25 100644
--- a/src/lib/libcrypto/util/mk1mf.pl
+++ b/src/lib/libcrypto/util/mk1mf.pl
@@ -15,6 +15,18 @@ my $engines = "";
15local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic 15local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic
16local $zlib_lib = ""; 16local $zlib_lib = "";
17 17
18local $fips_canister_path = "";
19my $fips_premain_dso_exe_path = "";
20my $fips_premain_c_path = "";
21my $fips_sha1_exe_path = "";
22
23local $fipscanisterbuild = 0;
24local $fipsdso = 0;
25
26my $fipslibdir = "";
27my $baseaddr = "";
28
29my $ex_l_libs = "";
18 30
19open(IN,"<Makefile") || die "unable to open Makefile!\n"; 31open(IN,"<Makefile") || die "unable to open Makefile!\n";
20while(<IN>) { 32while(<IN>) {
@@ -221,6 +233,8 @@ $cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
221$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; 233$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
222$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext; 234$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
223$cflags.=" -DOPENSSL_NO_CMS" if $no_cms; 235$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
236$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
237$cflags.=" -DOPENSSL_NO_CAPIENG" if $no_capieng;
224$cflags.=" -DOPENSSL_NO_ERR" if $no_err; 238$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
225$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; 239$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
226$cflags.=" -DOPENSSL_NO_EC" if $no_ec; 240$cflags.=" -DOPENSSL_NO_EC" if $no_ec;
@@ -228,7 +242,7 @@ $cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa;
228$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh; 242$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
229$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; 243$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
230$cflags.=" -DOPENSSL_NO_HW" if $no_hw; 244$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
231 245$cflags.=" -DOPENSSL_FIPS" if $fips;
232$cflags.= " -DZLIB" if $zlib_opt; 246$cflags.= " -DZLIB" if $zlib_opt;
233$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2; 247$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
234 248
@@ -250,9 +264,9 @@ else
250 264
251$ex_libs="$l_flags$ex_libs" if ($l_flags ne ""); 265$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
252 266
253
254%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL", 267%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
255 "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO"); 268 "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO",
269 "FIPS" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
256 270
257if ($msdos) 271if ($msdos)
258 { 272 {
@@ -280,11 +294,21 @@ for (;;)
280 { 294 {
281 if ($lib ne "") 295 if ($lib ne "")
282 { 296 {
283 $uc=$lib; 297 if ($fips && $dir =~ /^fips/)
284 $uc =~ s/^lib(.*)\.a/$1/; 298 {
285 $uc =~ tr/a-z/A-Z/; 299 $uc = "FIPS";
286 $lib_nam{$uc}=$uc; 300 }
287 $lib_obj{$uc}.=$libobj." "; 301 else
302 {
303 $uc=$lib;
304 $uc =~ s/^lib(.*)\.a/$1/;
305 $uc =~ tr/a-z/A-Z/;
306 }
307 if (($uc ne "FIPS") || $fipscanisterbuild)
308 {
309 $lib_nam{$uc}=$uc;
310 $lib_obj{$uc}.=$libobj." ";
311 }
288 } 312 }
289 last if ($val eq "FINISHED"); 313 last if ($val eq "FINISHED");
290 $lib=""; 314 $lib="";
@@ -327,11 +351,130 @@ for (;;)
327 if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine) 351 if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine)
328 { $engines.=$val } 352 { $engines.=$val }
329 353
354 if ($key eq "FIPS_EX_OBJ")
355 {
356 $fips_ex_obj=&var_add("crypto",$val,0);
357 }
358
359 if ($key eq "FIPSLIBDIR")
360 {
361 $fipslibdir=$val;
362 $fipslibdir =~ s/\/$//;
363 $fipslibdir =~ s/\//$o/g;
364 }
365
366 if ($key eq "BASEADDR")
367 { $baseaddr=$val;}
368
330 if (!($_=<IN>)) 369 if (!($_=<IN>))
331 { $_="RELATIVE_DIRECTORY=FINISHED\n"; } 370 { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
332 } 371 }
333close(IN); 372close(IN);
334 373
374if ($fips)
375 {
376
377 foreach (split " ", $fips_ex_obj)
378 {
379 $fips_exclude_obj{$1} = 1 if (/\/([^\/]*)$/);
380 }
381
382 $fips_exclude_obj{"cpu_win32"} = 1;
383 $fips_exclude_obj{"bn_asm"} = 1;
384 $fips_exclude_obj{"des_enc"} = 1;
385 $fips_exclude_obj{"fcrypt_b"} = 1;
386 $fips_exclude_obj{"aes_core"} = 1;
387 $fips_exclude_obj{"aes_cbc"} = 1;
388
389 my @ltmp = split " ", $lib_obj{"CRYPTO"};
390
391
392 $lib_obj{"CRYPTO"} = "";
393
394 foreach(@ltmp)
395 {
396 if (/\/([^\/]*)$/ && exists $fips_exclude_obj{$1})
397 {
398 if ($fipscanisterbuild)
399 {
400 $lib_obj{"FIPS"} .= "$_ ";
401 }
402 }
403 else
404 {
405 $lib_obj{"CRYPTO"} .= "$_ ";
406 }
407 }
408
409 }
410
411if ($fipscanisterbuild)
412 {
413 $fips_canister_path = "\$(LIB_D)${o}fipscanister.lib" if $fips_canister_path eq "";
414 $fips_premain_c_path = "\$(LIB_D)${o}fips_premain.c";
415 }
416else
417 {
418 if ($fips_canister_path eq "")
419 {
420 $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.lib";
421 }
422
423 if ($fips_premain_c_path eq "")
424 {
425 $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c";
426 }
427 }
428
429if ($fips)
430 {
431 if ($fips_sha1_exe_path eq "")
432 {
433 $fips_sha1_exe_path =
434 "\$(BIN_D)${o}fips_standalone_sha1$exep";
435 }
436 }
437 else
438 {
439 $fips_sha1_exe_path = "";
440 }
441
442if ($fips_premain_dso_exe_path eq "")
443 {
444 $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep";
445 }
446
447# $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips);
448
449#$ex_l_libs .= " \$(L_FIPS)" if $fipsdso;
450
451if ($fips)
452 {
453 if (!$shlib)
454 {
455 $ex_build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
456 $ex_l_libs .= " \$(O_FIPSCANISTER)";
457 $ex_libs_dep .= " \$(O_FIPSCANISTER)" if $fipscanisterbuild;
458 }
459 if ($fipscanisterbuild)
460 {
461 $fipslibdir = "\$(LIB_D)";
462 }
463 else
464 {
465 if ($fipslibdir eq "")
466 {
467 open (IN, "util/fipslib_path.txt") || fipslib_error();
468 $fipslibdir = <IN>;
469 chomp $fipslibdir;
470 close IN;
471 }
472 fips_check_files($fipslibdir,
473 "fipscanister.lib", "fipscanister.lib.sha1",
474 "fips_premain.c", "fips_premain.c.sha1");
475 }
476 }
477
335if ($shlib) 478if ($shlib)
336 { 479 {
337 $extra_install= <<"EOF"; 480 $extra_install= <<"EOF";
@@ -397,6 +540,7 @@ SRC_D=$src_dir
397LINK=$link 540LINK=$link
398LFLAGS=$lflags 541LFLAGS=$lflags
399RSC=$rsc 542RSC=$rsc
543FIPSLINK=\$(PERL) util${o}fipslink.pl
400 544
401AES_ASM_OBJ=$aes_asm_obj 545AES_ASM_OBJ=$aes_asm_obj
402AES_ASM_SRC=$aes_asm_src 546AES_ASM_SRC=$aes_asm_src
@@ -440,6 +584,17 @@ MKLIB=$bin_dir$mklib
440MLFLAGS=$mlflags 584MLFLAGS=$mlflags
441ASM=$bin_dir$asm 585ASM=$bin_dir$asm
442 586
587# FIPS validated module and support file locations
588
589E_PREMAIN_DSO=fips_premain_dso
590
591FIPSLIB_D=$fipslibdir
592BASEADDR=$baseaddr
593FIPS_PREMAIN_SRC=$fips_premain_c_path
594O_FIPSCANISTER=$fips_canister_path
595FIPS_SHA1_EXE=$fips_sha1_exe_path
596PREMAIN_DSO_EXE=$fips_premain_dso_exe_path
597
443###################################################### 598######################################################
444# You should not need to touch anything below this point 599# You should not need to touch anything below this point
445###################################################### 600######################################################
@@ -447,6 +602,7 @@ ASM=$bin_dir$asm
447E_EXE=openssl 602E_EXE=openssl
448SSL=$ssl 603SSL=$ssl
449CRYPTO=$crypto 604CRYPTO=$crypto
605LIBFIPS=libosslfips
450 606
451# BIN_D - Binary output directory 607# BIN_D - Binary output directory
452# TEST_D - Binary test file output directory 608# TEST_D - Binary test file output directory
@@ -467,12 +623,14 @@ INCL_D=\$(TMP_D)
467 623
468O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp 624O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp
469O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp 625O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
626O_FIPS= \$(LIB_D)$o$plib\$(LIBFIPS)$shlibp
470SO_SSL= $plib\$(SSL)$so_shlibp 627SO_SSL= $plib\$(SSL)$so_shlibp
471SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp 628SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
472L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp 629L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
473L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp 630L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
631L_FIPS= \$(LIB_D)$o$plib\$(LIBFIPS)$libp
474 632
475L_LIBS= \$(L_SSL) \$(L_CRYPTO) 633L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
476 634
477###################################################### 635######################################################
478# Don't touch anything below this point 636# Don't touch anything below this point
@@ -482,13 +640,13 @@ INC=-I\$(INC_D) -I\$(INCL_D)
482APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) 640APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
483LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) 641LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
484SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) 642SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
485LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) 643LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) $ex_libs_dep
486 644
487############################################# 645#############################################
488EOF 646EOF
489 647
490$rules=<<"EOF"; 648$rules=<<"EOF";
491all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe 649all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) lib exe $ex_build_targets
492 650
493banner: 651banner:
494$banner 652$banner
@@ -603,6 +761,26 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
603$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); 761$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
604$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); 762$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
605 763
764# Special case rules for fips_start and fips_end fips_premain_dso
765
766if ($fips)
767 {
768 if ($fipscanisterbuild)
769 {
770 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj",
771 "fips${o}fips_canister.c",
772 "-DFIPS_START \$(SHLIB_CFLAGS)");
773 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj",
774 "fips${o}fips_canister.c", "\$(SHLIB_CFLAGS)");
775 }
776 $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj",
777 "fips${o}sha${o}fips_standalone_sha1.c",
778 "\$(SHLIB_CFLAGS)");
779 $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
780 "fips${o}fips_premain.c",
781 "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)");
782 }
783
606foreach (values %lib_nam) 784foreach (values %lib_nam)
607 { 785 {
608 $lib_obj=$lib_obj{$_}; 786 $lib_obj=$lib_obj{$_};
@@ -613,27 +791,41 @@ foreach (values %lib_nam)
613 $rules.="\$(O_SSL):\n\n"; 791 $rules.="\$(O_SSL):\n\n";
614 next; 792 next;
615 } 793 }
616 if (($aes_asm_obj ne "") && ($_ eq "CRYPTO")) 794
617 { 795 if ((!$fips && ($_ eq "CRYPTO")) || ($fips && ($_ eq "FIPS")))
618 $lib_obj =~ s/\s(\S*\/aes_core\S*)/ \$(AES_ASM_OBJ)/;
619 $lib_obj =~ s/\s\S*\/aes_cbc\S*//;
620 $rules.=&do_asm_rule($aes_asm_obj,$aes_asm_src);
621 }
622 if (($bn_asm_obj ne "") && ($_ eq "CRYPTO"))
623 {
624 $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/;
625 $rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src);
626 }
627 if (($bnco_asm_obj ne "") && ($_ eq "CRYPTO"))
628 {
629 $lib_obj .= "\$(BNCO_ASM_OBJ)";
630 $rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src);
631 }
632 if (($des_enc_obj ne "") && ($_ eq "CRYPTO"))
633 { 796 {
634 $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/; 797 if ($cpuid_asm_obj ne "")
635 $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /; 798 {
636 $rules.=&do_asm_rule($des_enc_obj,$des_enc_src); 799 $lib_obj =~ s/(\S*\/cryptlib\S*)/$1 \$(CPUID_ASM_OBJ)/;
800 $rules.=&do_asm_rule($cpuid_asm_obj,$cpuid_asm_src);
801 }
802 if ($aes_asm_obj ne "")
803 {
804 $lib_obj =~ s/\s(\S*\/aes_core\S*)/ \$(AES_ASM_OBJ)/;
805 $lib_obj =~ s/\s\S*\/aes_cbc\S*//;
806 $rules.=&do_asm_rule($aes_asm_obj,$aes_asm_src);
807 }
808 if ($sha1_asm_obj ne "")
809 {
810 $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/;
811 $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src);
812 }
813 if ($bn_asm_obj ne "")
814 {
815 $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/;
816 $rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src);
817 }
818 if ($bnco_asm_obj ne "")
819 {
820 $lib_obj .= "\$(BNCO_ASM_OBJ)";
821 $rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src);
822 }
823 if ($des_enc_obj ne "")
824 {
825 $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/;
826 $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /;
827 $rules.=&do_asm_rule($des_enc_obj,$des_enc_src);
828 }
637 } 829 }
638 if (($bf_enc_obj ne "") && ($_ eq "CRYPTO")) 830 if (($bf_enc_obj ne "") && ($_ eq "CRYPTO"))
639 { 831 {
@@ -660,21 +852,11 @@ foreach (values %lib_nam)
660 $lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/; 852 $lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/;
661 $rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src); 853 $rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src);
662 } 854 }
663 if (($sha1_asm_obj ne "") && ($_ eq "CRYPTO"))
664 {
665 $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/;
666 $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src);
667 }
668 if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO")) 855 if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO"))
669 { 856 {
670 $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/; 857 $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/;
671 $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src); 858 $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src);
672 } 859 }
673 if (($cpuid_asm_obj ne "") && ($_ eq "CRYPTO"))
674 {
675 $lib_obj =~ s/\s(\S*\/cversion\S*)/ $1 \$(CPUID_ASM_OBJ)/;
676 $rules.=&do_asm_rule($cpuid_asm_obj,$cpuid_asm_src);
677 }
678 $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj); 860 $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
679 $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)"; 861 $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)";
680 $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib); 862 $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
@@ -689,15 +871,43 @@ if (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) {
689\$(OBJ_D)\\\$(SSL).res: ms\\version32.rc 871\$(OBJ_D)\\\$(SSL).res: ms\\version32.rc
690 \$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc 872 \$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc
691 873
874\$(OBJ_D)\\\$(LIBFIPS).res: ms\\version32.rc
875 \$(RSC) /fo"\$(OBJ_D)\\\$(LIBFIPS).res" /d FIPS ms\\version32.rc
876
692EOF 877EOF
693} 878}
694 879
695$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep); 880$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
696foreach (split(/\s+/,$test)) 881foreach (split(/\s+/,$test))
697 { 882 {
883 my $t_libs;
698 $t=&bname($_); 884 $t=&bname($_);
885 my $ltype;
886 # Check to see if test program is FIPS
887 if ($fips && /fips/)
888 {
889 # If fipsdso link to libosslfips.dll
890 # otherwise perform static link to
891 # $(O_FIPSCANISTER)
892 if ($fipsdso)
893 {
894 $t_libs = "\$(L_FIPS)";
895 $ltype = 0;
896 }
897 else
898 {
899 $t_libs = "\$(O_FIPSCANISTER)";
900 $ltype = 2;
901 }
902 }
903 else
904 {
905 $t_libs = "\$(L_LIBS)";
906 $ltype = 0;
907 }
908
699 $tt="\$(OBJ_D)${o}$t${obj}"; 909 $tt="\$(OBJ_D)${o}$t${obj}";
700 $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); 910 $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","$t_libs \$(EX_LIBS)", $ltype);
701 } 911 }
702 912
703$defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp); 913$defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp);
@@ -711,9 +921,69 @@ foreach (split(/\s+/,$engines))
711 921
712 922
713$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); 923$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
714$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
715 924
716$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); 925if ($fips)
926 {
927 if ($shlib)
928 {
929 if ($fipsdso)
930 {
931 $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
932 "\$(O_CRYPTO)", "$crypto",
933 $shlib, "", "");
934 $rules.= &do_lib_rule(
935 "\$(O_FIPSCANISTER)",
936 "\$(O_FIPS)", "\$(LIBFIPS)",
937 $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
938 $rules.= &do_sdef_rule();
939 }
940 else
941 {
942 $rules.= &do_lib_rule(
943 "\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
944 "\$(O_CRYPTO)", "$crypto",
945 $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
946 }
947 }
948 else
949 {
950 $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
951 "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
952 $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(FIPSOBJ)",
953 "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
954 }
955 }
956 else
957 {
958 $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
959 "\$(SO_CRYPTO)");
960 }
961
962if ($fips)
963 {
964 if ($fipscanisterbuild)
965 {
966 $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)",
967 "\$(OBJ_D)${o}fips_start$obj",
968 "\$(FIPSOBJ)",
969 "\$(OBJ_D)${o}fips_end$obj",
970 "\$(FIPS_SHA1_EXE)", "");
971 $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)",
972 "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}sha1dgst$obj \$(SHA1_ASM_OBJ)",
973 "","\$(EX_LIBS)", 1);
974 }
975 else
976 {
977 $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)",
978 "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(O_FIPSCANISTER)",
979 "","", 1);
980
981 }
982 $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
983
984 }
985
986$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0);
717 987
718print $defs; 988print $defs;
719 989
@@ -751,6 +1021,8 @@ sub var_add
751 return("") if $no_dh && $dir =~ /\/dh/; 1021 return("") if $no_dh && $dir =~ /\/dh/;
752 return("") if $no_ec && $dir =~ /\/ec/; 1022 return("") if $no_ec && $dir =~ /\/ec/;
753 return("") if $no_cms && $dir =~ /\/cms/; 1023 return("") if $no_cms && $dir =~ /\/cms/;
1024 return("") if $no_jpake && $dir =~ /\/jpake/;
1025 return("") if !$fips && $dir =~ /^fips/;
754 if ($no_des && $dir =~ /\/des/) 1026 if ($no_des && $dir =~ /\/des/)
755 { 1027 {
756 if ($val =~ /read_pwd/) 1028 if ($val =~ /read_pwd/)
@@ -1010,6 +1282,7 @@ sub read_options
1010 "no-hmac" => \$no_hmac, 1282 "no-hmac" => \$no_hmac,
1011 "no-asm" => \$no_asm, 1283 "no-asm" => \$no_asm,
1012 "nasm" => \$nasm, 1284 "nasm" => \$nasm,
1285 "ml64" => \$ml64,
1013 "nw-nasm" => \$nw_nasm, 1286 "nw-nasm" => \$nw_nasm,
1014 "nw-mwasm" => \$nw_mwasm, 1287 "nw-mwasm" => \$nw_mwasm,
1015 "gaswin" => \$gaswin, 1288 "gaswin" => \$gaswin,
@@ -1017,6 +1290,8 @@ sub read_options
1017 "no-ssl3" => \$no_ssl3, 1290 "no-ssl3" => \$no_ssl3,
1018 "no-tlsext" => \$no_tlsext, 1291 "no-tlsext" => \$no_tlsext,
1019 "no-cms" => \$no_cms, 1292 "no-cms" => \$no_cms,
1293 "no-jpake" => \$no_jpake,
1294 "no-capieng" => \$no_capieng,
1020 "no-err" => \$no_err, 1295 "no-err" => \$no_err,
1021 "no-sock" => \$no_sock, 1296 "no-sock" => \$no_sock,
1022 "no-krb5" => \$no_krb5, 1297 "no-krb5" => \$no_krb5,
@@ -1043,6 +1318,9 @@ sub read_options
1043 "no-shared" => 0, 1318 "no-shared" => 0,
1044 "no-zlib" => 0, 1319 "no-zlib" => 0,
1045 "no-zlib-dynamic" => 0, 1320 "no-zlib-dynamic" => 0,
1321 "fips" => \$fips,
1322 "fipscanisterbuild" => [\$fips, \$fipscanisterbuild],
1323 "fipsdso" => [\$fips, \$fipscanisterbuild, \$fipsdso],
1046 ); 1324 );
1047 1325
1048 if (exists $valid_options{$_}) 1326 if (exists $valid_options{$_})
@@ -1084,6 +1362,18 @@ sub read_options
1084 {return 1;} 1362 {return 1;}
1085 return 0; 1363 return 0;
1086 } 1364 }
1365 # experimental-xxx is mostly like enable-xxx, but opensslconf.v
1366 # will still set OPENSSL_NO_xxx unless we set OPENSSL_EXPERIMENTAL_xxx.
1367 # (No need to fail if we don't know the algorithm -- this is for adventurous users only.)
1368 elsif (/^experimental-/)
1369 {
1370 my $algo, $ALGO;
1371 ($algo = $_) =~ s/^experimental-//;
1372 ($ALGO = $algo) =~ tr/[a-z]/[A-Z]/;
1373
1374 $xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags";
1375
1376 }
1087 elsif (/^--with-krb5-flavor=(.*)$/) 1377 elsif (/^--with-krb5-flavor=(.*)$/)
1088 { 1378 {
1089 my $krb5_flavor = $1; 1379 my $krb5_flavor = $1;
@@ -1107,3 +1397,31 @@ sub read_options
1107 else { return(0); } 1397 else { return(0); }
1108 return(1); 1398 return(1);
1109 } 1399 }
1400
1401sub fipslib_error
1402 {
1403 print STDERR "***FIPS module directory sanity check failed***\n";
1404 print STDERR "FIPS module build failed, or was deleted\n";
1405 print STDERR "Please rebuild FIPS module.\n";
1406 exit 1;
1407 }
1408
1409sub fips_check_files
1410 {
1411 my $dir = shift @_;
1412 my $ret = 1;
1413 if (!-d $dir)
1414 {
1415 print STDERR "FIPS module directory $dir does not exist\n";
1416 fipslib_error();
1417 }
1418 foreach (@_)
1419 {
1420 if (!-f "$dir${o}$_")
1421 {
1422 print STDERR "FIPS module file $_ does not exist!\n";
1423 $ret = 0;
1424 }
1425 }
1426 fipslib_error() if ($ret == 0);
1427 }
diff --git a/src/lib/libcrypto/util/mkdef.pl b/src/lib/libcrypto/util/mkdef.pl
index ef1cc6e513..5ae9ebb619 100644
--- a/src/lib/libcrypto/util/mkdef.pl
+++ b/src/lib/libcrypto/util/mkdef.pl
@@ -79,7 +79,7 @@ my $OS2=0;
79my $safe_stack_def = 0; 79my $safe_stack_def = 0;
80 80
81my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", 81my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
82 "EXPORT_VAR_AS_FUNCTION", "ZLIB" ); 82 "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS");
83my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); 83my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
84my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", 84my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
85 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", 85 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
@@ -100,6 +100,10 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
100 "TLSEXT", 100 "TLSEXT",
101 # CMS 101 # CMS
102 "CMS", 102 "CMS",
103 # CryptoAPI Engine
104 "CAPIENG",
105 # JPAKE
106 "JPAKE",
103 # Deprecated functions 107 # Deprecated functions
104 "DEPRECATED" ); 108 "DEPRECATED" );
105 109
@@ -120,7 +124,8 @@ my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
120my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_camellia; 124my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_camellia;
121my $no_seed; 125my $no_seed;
122my $no_fp_api; my $no_static_engine; my $no_gmp; my $no_deprecated; 126my $no_fp_api; my $no_static_engine; my $no_gmp; my $no_deprecated;
123my $no_rfc3779; my $no_tlsext; my $no_cms; 127my $no_rfc3779; my $no_tlsext; my $no_cms; my $no_capieng; my $no_jpake;
128my $fips;
124 129
125 130
126foreach (@ARGV, split(/ /, $options)) 131foreach (@ARGV, split(/ /, $options))
@@ -142,12 +147,13 @@ foreach (@ARGV, split(/ /, $options))
142 } 147 }
143 $VMS=1 if $_ eq "VMS"; 148 $VMS=1 if $_ eq "VMS";
144 $OS2=1 if $_ eq "OS2"; 149 $OS2=1 if $_ eq "OS2";
150 $fips=1 if /^fips/;
151
145 if ($_ eq "zlib" || $_ eq "zlib-dynamic" 152 if ($_ eq "zlib" || $_ eq "zlib-dynamic"
146 || $_ eq "enable-zlib-dynamic") { 153 || $_ eq "enable-zlib-dynamic") {
147 $zlib = 1; 154 $zlib = 1;
148 } 155 }
149 156
150
151 $do_ssl=1 if $_ eq "ssleay"; 157 $do_ssl=1 if $_ eq "ssleay";
152 if ($_ eq "ssl") { 158 if ($_ eq "ssl") {
153 $do_ssl=1; 159 $do_ssl=1;
@@ -206,6 +212,8 @@ foreach (@ARGV, split(/ /, $options))
206 elsif (/^no-rfc3779$/) { $no_rfc3779=1; } 212 elsif (/^no-rfc3779$/) { $no_rfc3779=1; }
207 elsif (/^no-tlsext$/) { $no_tlsext=1; } 213 elsif (/^no-tlsext$/) { $no_tlsext=1; }
208 elsif (/^no-cms$/) { $no_cms=1; } 214 elsif (/^no-cms$/) { $no_cms=1; }
215 elsif (/^no-capieng$/) { $no_capieng=1; }
216 elsif (/^no-jpake$/) { $no_jpake=1; }
209 } 217 }
210 218
211 219
@@ -302,6 +310,8 @@ $crypto.=" crypto/tmdiff.h";
302$crypto.=" crypto/store/store.h"; 310$crypto.=" crypto/store/store.h";
303$crypto.=" crypto/pqueue/pqueue.h"; 311$crypto.=" crypto/pqueue/pqueue.h";
304$crypto.=" crypto/cms/cms.h"; 312$crypto.=" crypto/cms/cms.h";
313$crypto.=" crypto/jpake/jpake.h";
314$crypto.=" fips/fips.h fips/rand/fips_rand.h";
305 315
306my $symhacks="crypto/symhacks.h"; 316my $symhacks="crypto/symhacks.h";
307 317
@@ -1087,6 +1097,9 @@ sub is_valid
1087 if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) { 1097 if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) {
1088 return 1; 1098 return 1;
1089 } 1099 }
1100 if ($keyword eq "OPENSSL_FIPS" && $fips) {
1101 return 1;
1102 }
1090 if ($keyword eq "ZLIB" && $zlib) { return 1; } 1103 if ($keyword eq "ZLIB" && $zlib) { return 1; }
1091 return 0; 1104 return 0;
1092 } else { 1105 } else {
@@ -1131,6 +1144,8 @@ sub is_valid
1131 if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; } 1144 if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; }
1132 if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; } 1145 if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
1133 if ($keyword eq "CMS" && $no_cms) { return 0; } 1146 if ($keyword eq "CMS" && $no_cms) { return 0; }
1147 if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
1148 if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
1134 if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; } 1149 if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
1135 1150
1136 # Nothing recognise as true 1151 # Nothing recognise as true
diff --git a/src/lib/libcrypto/util/mkfiles.pl b/src/lib/libcrypto/util/mkfiles.pl
index 1282392fea..67fb8694c8 100644
--- a/src/lib/libcrypto/util/mkfiles.pl
+++ b/src/lib/libcrypto/util/mkfiles.pl
@@ -47,6 +47,7 @@ my @dirs = (
47"crypto/x509", 47"crypto/x509",
48"crypto/x509v3", 48"crypto/x509v3",
49"crypto/conf", 49"crypto/conf",
50"crypto/jpake",
50"crypto/txt_db", 51"crypto/txt_db",
51"crypto/pkcs7", 52"crypto/pkcs7",
52"crypto/pkcs12", 53"crypto/pkcs12",
@@ -58,6 +59,15 @@ my @dirs = (
58"crypto/store", 59"crypto/store",
59"crypto/pqueue", 60"crypto/pqueue",
60"crypto/cms", 61"crypto/cms",
62"fips",
63"fips/aes",
64"fips/des",
65"fips/dsa",
66"fips/dh",
67"fips/hmac",
68"fips/rand",
69"fips/rsa",
70"fips/sha",
61"ssl", 71"ssl",
62"apps", 72"apps",
63"engines", 73"engines",
diff --git a/src/lib/libcrypto/util/mklink.pl b/src/lib/libcrypto/util/mklink.pl
index d9bc98aab8..eacc327882 100644
--- a/src/lib/libcrypto/util/mklink.pl
+++ b/src/lib/libcrypto/util/mklink.pl
@@ -15,13 +15,21 @@
15# Apart from this, this script should be able to handle even the most 15# Apart from this, this script should be able to handle even the most
16# pathological cases. 16# pathological cases.
17 17
18use Cwd; 18my $pwd;
19eval 'use Cwd;';
20if ($@)
21 {
22 $pwd = `pwd`;
23 }
24else
25 {
26 $pwd = getcwd();
27 }
19 28
20my $from = shift; 29my $from = shift;
21my @files = @ARGV; 30my @files = @ARGV;
22 31
23my @from_path = split(/[\\\/]/, $from); 32my @from_path = split(/[\\\/]/, $from);
24my $pwd = getcwd();
25chomp($pwd); 33chomp($pwd);
26my @pwd_path = split(/[\\\/]/, $pwd); 34my @pwd_path = split(/[\\\/]/, $pwd);
27 35
diff --git a/src/lib/libcrypto/util/mksdef.pl b/src/lib/libcrypto/util/mksdef.pl
new file mode 100644
index 0000000000..065dc675f1
--- /dev/null
+++ b/src/lib/libcrypto/util/mksdef.pl
@@ -0,0 +1,87 @@
1
2# Perl script to split libeay32.def into two distinct DEF files for use in
3# fipdso mode. It works out symbols in each case by running "link" command and
4# parsing the output to find the list of missing symbols then splitting
5# libeay32.def based on the result.
6
7
8# Get list of unknown symbols
9
10my @deferr = `link @ARGV`;
11
12my $preamble = "";
13my @fipsdll;
14my @fipsrest;
15my %nosym;
16
17# Add symbols to a hash for easy lookup
18
19foreach (@deferr)
20 {
21 if (/^.*symbol (\S+)$/)
22 {
23 $nosym{$1} = 1;
24 }
25 }
26
27open (IN, "ms/libeay32.def") || die "Can't Open DEF file for spliting";
28
29my $started = 0;
30
31# Parse libeay32.def into two arrays depending on whether the symbol matches
32# the missing list.
33
34
35foreach (<IN>)
36 {
37 if (/^\s*(\S+)\s*(\@\S+)\s*$/)
38 {
39 $started = 1;
40 if (exists $nosym{$1})
41 {
42 push @fipsrest, $_;
43 }
44 else
45 {
46 my $imptmp = sprintf " %-39s %s\n",
47 "$1=libosslfips.$1", $2;
48 push @fipsrest, $imptmp;
49 push @fipsdll, "\t$1\n";
50 }
51 }
52 $preamble .= $_ unless $started;
53 }
54
55close IN;
56
57# Hack! Add some additional exports needed for libcryptofips.dll
58#
59
60push @fipsdll, "\tOPENSSL_showfatal\n";
61push @fipsdll, "\tOPENSSL_cpuid_setup\n";
62
63# Write out DEF files for each array
64
65write_def("ms/libosslfips.def", "LIBOSSLFIPS", $preamble, \@fipsdll);
66write_def("ms/libeayfips.def", "", $preamble, \@fipsrest);
67
68
69sub write_def
70 {
71 my ($fnam, $defname, $preamble, $rdefs) = @_;
72 open (OUT, ">$fnam") || die "Can't Open DEF file $fnam for Writing\n";
73
74 if ($defname ne "")
75 {
76 $preamble =~ s/LIBEAY32/$defname/g;
77 $preamble =~ s/LIBEAY/$defname/g;
78 }
79 print OUT $preamble;
80 foreach (@$rdefs)
81 {
82 print OUT $_;
83 }
84 close OUT;
85 }
86
87
diff --git a/src/lib/libcrypto/util/pl/VC-32.pl b/src/lib/libcrypto/util/pl/VC-32.pl
index 9cb2ab7e99..730c2083bd 100644
--- a/src/lib/libcrypto/util/pl/VC-32.pl
+++ b/src/lib/libcrypto/util/pl/VC-32.pl
@@ -4,12 +4,26 @@
4# 4#
5 5
6$ssl= "ssleay32"; 6$ssl= "ssleay32";
7$crypto="libeay32"; 7
8if ($fips && !$shlib)
9 {
10 $crypto="libeayfips32";
11 $crypto_compat = "libeaycompat32.lib";
12 }
13else
14 {
15 $crypto="libeay32";
16 }
17
18if ($fipscanisterbuild)
19 {
20 $fips_canister_path = "\$(LIB_D)\\fipscanister.lib";
21 }
8 22
9$o='\\'; 23$o='\\';
10$cp='$(PERL) util/copy.pl'; 24$cp='$(PERL) util/copy.pl';
11$mkdir='$(PERL) util/mkdir-p.pl'; 25$mkdir='$(PERL) util/mkdir-p.pl';
12$rm='del'; 26$rm='del /Q';
13 27
14$zlib_lib="zlib1.lib"; 28$zlib_lib="zlib1.lib";
15 29
@@ -96,7 +110,7 @@ else # Win32
96 $base_cflags=' /W3 /WX /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; 110 $base_cflags=' /W3 /WX /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32';
97 $base_cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8 111 $base_cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8
98 $base_cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8 112 $base_cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8
99 my $f = $shlib?' /MD':' /MT'; 113 my $f = $shlib || $fips ?' /MD':' /MT';
100 $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib 114 $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
101 $opt_cflags=$f.' /Ox /O2 /Ob2'; 115 $opt_cflags=$f.' /Ox /O2 /Ob2';
102 $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG'; 116 $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
@@ -138,7 +152,7 @@ if ($FLAVOR =~ /CE/)
138 } 152 }
139else 153else
140 { 154 {
141 $ex_libs.=' gdi32.lib advapi32.lib user32.lib'; 155 $ex_libs.=' gdi32.lib crypt32.lib advapi32.lib user32.lib';
142 $ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); 156 $ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/);
143 } 157 }
144 158
@@ -165,12 +179,17 @@ if ($nasm) {
165 # pick newest version 179 # pick newest version
166 $asm=($ver gt $vew?"nasm":"nasmw")." -f win32"; 180 $asm=($ver gt $vew?"nasm":"nasmw")." -f win32";
167 $afile='-o '; 181 $afile='-o ';
182} elsif ($ml64) {
183 $asm='ml64 /c /Cp /Cx';
184 $asm.=' /Zi' if $debug;
185 $afile='/Fo';
168} else { 186} else {
169 $asm='ml /Cp /coff /c /Cx'; 187 $asm='ml /Cp /coff /c /Cx';
170 $asm.=" /Zi" if $debug; 188 $asm.=" /Zi" if $debug;
171 $afile='/Fo'; 189 $afile='/Fo';
172} 190}
173 191
192$aes_asm_obj='';
174$bn_asm_obj=''; 193$bn_asm_obj='';
175$bn_asm_src=''; 194$bn_asm_src='';
176$des_enc_obj=''; 195$des_enc_obj='';
@@ -179,11 +198,13 @@ $bf_enc_obj='';
179$bf_enc_src=''; 198$bf_enc_src='';
180 199
181if (!$no_asm) 200if (!$no_asm)
201 {
202 if ($FLAVOR =~ "WIN32")
182 { 203 {
183 $aes_asm_obj='crypto\aes\asm\a_win32.obj'; 204 $aes_asm_obj='crypto\aes\asm\a_win32.obj';
184 $aes_asm_src='crypto\aes\asm\a_win32.asm'; 205 $aes_asm_src='crypto\aes\asm\a_win32.asm';
185 $bn_asm_obj='crypto\bn\asm\bn_win32.obj'; 206 $bn_asm_obj='crypto\bn\asm\bn_win32.obj crypto\bn\asm\mt_win32.obj';
186 $bn_asm_src='crypto\bn\asm\bn_win32.asm'; 207 $bn_asm_src='crypto\bn\asm\bn_win32.asm crypto\bn\asm\mt_win32.asm';
187 $bnco_asm_obj='crypto\bn\asm\co_win32.obj'; 208 $bnco_asm_obj='crypto\bn\asm\co_win32.obj';
188 $bnco_asm_src='crypto\bn\asm\co_win32.asm'; 209 $bnco_asm_src='crypto\bn\asm\co_win32.asm';
189 $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj'; 210 $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
@@ -204,12 +225,26 @@ if (!$no_asm)
204 $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm'; 225 $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
205 $cpuid_asm_obj='crypto\cpu_win32.obj'; 226 $cpuid_asm_obj='crypto\cpu_win32.obj';
206 $cpuid_asm_src='crypto\cpu_win32.asm'; 227 $cpuid_asm_src='crypto\cpu_win32.asm';
207 $cflags.=" -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DAES_ASM -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; 228 $cflags.=" -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DAES_ASM -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
208 } 229 }
230 elsif ($FLAVOR =~ "WIN64A")
231 {
232 $aes_asm_obj='$(OBJ_D)\aes-x86_64.obj';
233 $aes_asm_src='crypto\aes\asm\aes-x86_64.asm';
234 $bn_asm_obj='$(OBJ_D)\x86_64-mont.obj $(OBJ_D)\bn_asm.obj';
235 $bn_asm_src='crypto\bn\asm\x86_64-mont.asm';
236 $sha1_asm_obj='$(OBJ_D)\sha1-x86_64.obj $(OBJ_D)\sha256-x86_64.obj $(OBJ_D)\sha512-x86_64.obj';
237 $sha1_asm_src='crypto\sha\asm\sha1-x86_64.asm crypto\sha\asm\sha256-x86_64.asm crypto\sha\asm\sha512-x86_64.asm';
238 $cpuid_asm_obj='$(OBJ_D)\cpuid-x86_64.obj';
239 $cpuid_asm_src='crypto\cpuid-x86_64.asm';
240 $cflags.=" -DOPENSSL_CPUID_OBJ -DAES_ASM -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM";
241 }
242 }
209 243
210if ($shlib && $FLAVOR !~ /CE/) 244if ($shlib && $FLAVOR !~ /CE/)
211 { 245 {
212 $mlflags.=" $lflags /dll"; 246 $mlflags.=" $lflags /dll";
247# $cflags =~ s| /MD| /MT|;
213 $lib_cflag=" -D_WINDLL"; 248 $lib_cflag=" -D_WINDLL";
214 $out_def="out32dll"; 249 $out_def="out32dll";
215 $tmp_def="tmp32dll"; 250 $tmp_def="tmp32dll";
@@ -232,8 +267,8 @@ $(INCO_D)\applink.c: ms\applink.c
232EXHEADER= $(EXHEADER) $(INCO_D)\applink.c 267EXHEADER= $(EXHEADER) $(INCO_D)\applink.c
233 268
234LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj 269LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj
235CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ)
236___ 270___
271$banner .= "CRYPTOOBJ=\$(OBJ_D)\\uplink.obj \$(CRYPTOOBJ)\n";
237 $banner.=<<'___' if ($FLAVOR =~ /WIN64/); 272 $banner.=<<'___' if ($FLAVOR =~ /WIN64/);
238CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ) 273CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ)
239___ 274___
@@ -250,30 +285,64 @@ $cflags.=" /Fd$out_def";
250 285
251sub do_lib_rule 286sub do_lib_rule
252 { 287 {
253 local($objs,$target,$name,$shlib)=@_; 288 my($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
254 local($ret); 289 local($ret);
255 290
256 $taget =~ s/\//$o/g if $o ne '/'; 291 $taget =~ s/\//$o/g if $o ne '/';
257 if ($name ne "") 292 my $base_arg;
293 if ($base_addr ne "")
294 {
295 $base_arg= " /base:$base_addr";
296 }
297 else
298 {
299 $base_arg = "";
300 }
301 if ($target =~ /O_CRYPTO/ && $fipsdso)
302 {
303 $name = "/def:ms/libeayfips.def";
304 }
305 elsif ($name ne "")
258 { 306 {
259 $name =~ tr/a-z/A-Z/; 307 $name =~ tr/a-z/A-Z/;
260 $name = "/def:ms/${name}.def"; 308 $name = "/def:ms/${name}.def";
261 } 309 }
262 310
263# $target="\$(LIB_D)$o$target"; 311# $target="\$(LIB_D)$o$target";
264 $ret.="$target: $objs\n"; 312# $ret.="$target: $objs\n";
265 if (!$shlib) 313 if (!$shlib)
266 { 314 {
267# $ret.="\t\$(RM) \$(O_$Name)\n"; 315# $ret.="\t\$(RM) \$(O_$Name)\n";
268 $ex =' '; 316 $ex =' ';
317 $ret.="$target: $objs\n";
269 $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; 318 $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n";
270 } 319 }
271 else 320 else
272 { 321 {
273 local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)'; 322 my $ex = "";
323 if ($target =~ /O_SSL/)
324 {
325 $ex .= " \$(L_CRYPTO)";
326 #$ex .= " \$(L_FIPS)" if $fipsdso;
327 }
328 my $fipstarget;
329 if ($fipsdso)
330 {
331 $fipstarget = "O_FIPS";
332 }
333 else
334 {
335 $fipstarget = "O_CRYPTO";
336 }
337
338
274 if ($name eq "") 339 if ($name eq "")
275 { 340 {
276 $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); 341 $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/);
342 if ($target =~ /capi/)
343 {
344 $ex.=' crypt32.lib advapi32.lib';
345 }
277 } 346 }
278 elsif ($FLAVOR =~ /CE/) 347 elsif ($FLAVOR =~ /CE/)
279 { 348 {
@@ -283,10 +352,43 @@ sub do_lib_rule
283 { 352 {
284 $ex.=' unicows.lib' if ($FLAVOR =~ /NT/); 353 $ex.=' unicows.lib' if ($FLAVOR =~ /NT/);
285 $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib'; 354 $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib';
355 $ex.=' crypt32.lib';
286 $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); 356 $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/);
287 } 357 }
288 $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/; 358 $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
289 $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; 359
360 if ($fips && $target =~ /$fipstarget/)
361 {
362 $ex.= $mwex unless $fipscanisterbuild;
363 $ret.="$target: $objs \$(PREMAIN_DSO_EXE)";
364 if ($fipsdso)
365 {
366 $ex.=" \$(OBJ_D)\\\$(LIBFIPS).res";
367 $ret.=" \$(OBJ_D)\\\$(LIBFIPS).res";
368 $ret.=" ms/\$(LIBFIPS).def";
369 }
370 $ret.="\n\tSET FIPS_LINK=\$(LINK)\n";
371 $ret.="\tSET FIPS_CC=\$(CC)\n";
372 $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
373 $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n";
374 $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
375 $ret.="\tSET FIPS_TARGET=$target\n";
376 $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
377 $ret.="\t\$(FIPSLINK) \$(MLFLAGS) /map $base_arg $efile$target ";
378 $ret.="$name @<<\n \$(SHLIB_EX_OBJ) $objs ";
379 $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
380 }
381 else
382 {
383 $ret.="$target: $objs";
384 if ($target =~ /O_CRYPTO/ && $fipsdso)
385 {
386 $ret .= " \$(O_FIPS)";
387 $ex .= " \$(L_FIPS)";
388 }
389 $ret.="\n\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
390 }
391
290 $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n"; 392 $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n";
291 } 393 }
292 $ret.="\n"; 394 $ret.="\n";
@@ -295,16 +397,64 @@ sub do_lib_rule
295 397
296sub do_link_rule 398sub do_link_rule
297 { 399 {
298 local($target,$files,$dep_libs,$libs)=@_; 400 my($target,$files,$dep_libs,$libs,$standalone)=@_;
299 local($ret,$_); 401 local($ret,$_);
300
301 $file =~ s/\//$o/g if $o ne '/'; 402 $file =~ s/\//$o/g if $o ne '/';
302 $n=&bname($targer); 403 $n=&bname($targer);
303 $ret.="$target: $files $dep_libs\n"; 404 $ret.="$target: $files $dep_libs\n";
304 $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n"; 405 if ($standalone == 1)
305 $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; 406 {
306 $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n"; 407 $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t";
408 $ret.= "$mwex advapi32.lib " if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild);
409 $ret.="$files $libs\n<<\n";
410 }
411 elsif ($standalone == 2)
412 {
413 $ret.="\tSET FIPS_LINK=\$(LINK)\n";
414 $ret.="\tSET FIPS_CC=\$(CC)\n";
415 $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
416 $ret.="\tSET PREMAIN_DSO_EXE=\n";
417 $ret.="\tSET FIPS_TARGET=$target\n";
418 $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
419 $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
420 $ret.="\t\$(FIPSLINK) \$(LFLAGS) /map $efile$target @<<\n";
421 $ret.="\t\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
422 }
423 else
424 {
425 $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n";
426 $ret.="\t\$(APP_EX_OBJ) $files $libs\n<<\n";
427 }
428 $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n";
429 return($ret);
430 }
431
432sub do_rlink_rule
433 {
434 local($target,$rl_start, $rl_mid, $rl_end,$dep_libs,$libs)=@_;
435 local($ret,$_);
436 my $files = "$rl_start $rl_mid $rl_end";
437
438 $file =~ s/\//$o/g if $o ne '/';
439 $n=&bname($targer);
440 $ret.="$target: $files $dep_libs \$(FIPS_SHA1_EXE)\n";
441 $ret.="\t\$(PERL) ms\\segrenam.pl \$\$a $rl_start\n";
442 $ret.="\t\$(PERL) ms\\segrenam.pl \$\$b $rl_mid\n";
443 $ret.="\t\$(PERL) ms\\segrenam.pl \$\$c $rl_end\n";
444 $ret.="\t\$(MKLIB) $lfile$target @<<\n\t$files\n<<\n";
445 $ret.="\t\$(FIPS_SHA1_EXE) $target > ${target}.sha1\n";
446 $ret.="\t\$(PERL) util${o}copy.pl -stripcr fips${o}fips_premain.c \$(LIB_D)${o}fips_premain.c\n";
447 $ret.="\t\$(CP) fips${o}fips_premain.c.sha1 \$(LIB_D)${o}fips_premain.c.sha1\n";
448 $ret.="\n";
307 return($ret); 449 return($ret);
308 } 450 }
309 451
452sub do_sdef_rule
453 {
454 my $ret = "ms/\$(LIBFIPS).def: \$(O_FIPSCANISTER)\n";
455 $ret.="\t\$(PERL) util/mksdef.pl \$(MLFLAGS) /out:dummy.dll /def:ms/libeay32.def @<<\n \$(O_FIPSCANISTER)\n<<\n";
456 $ret.="\n";
457 return $ret;
458 }
459
3101; 4601;
diff --git a/src/lib/libcrypto/util/ssleay.num b/src/lib/libcrypto/util/ssleay.num
index b3ac136a56..2055cc1597 100644
--- a/src/lib/libcrypto/util/ssleay.num
+++ b/src/lib/libcrypto/util/ssleay.num
@@ -241,3 +241,4 @@ SSL_CTX_sess_get_remove_cb 289 EXIST::FUNCTION:
241SSL_set_SSL_CTX 290 EXIST::FUNCTION: 241SSL_set_SSL_CTX 290 EXIST::FUNCTION:
242SSL_get_servername 291 EXIST::FUNCTION:TLSEXT 242SSL_get_servername 291 EXIST::FUNCTION:TLSEXT
243SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT 243SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT
244SSL_CTX_set_client_cert_engine 293 EXIST::FUNCTION:ENGINE
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-30 18:30:36 +0000